Keita Suzuki

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A potential double free issue in the Linux kernel has been identified. The problem occurs in the `create var ref()` function, where `init var ref()` is called to initialize fields of `ref field`, which is allocated in `create hist field()`. If an error is encountered, `init var ref()` frees the corresponding fields, but the caller later calls `destroy hist field()` to handle the error, resulting in a double free of the fields. **Recommendations** To resolve this issue, store NULL to the corresponding fields when they are freed in `init var ref()`.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A double free vulnerability has been identified in the Linux kernel, specifically in the `si parse power table()` function. This issue arises when the allocation of array members fails, leading to the array being freed and returned with an error code. However, the array is later freed again in the `si dpm fini()` function, which can cause a double free of the array `adev->pm.dpm.ps` and a leak of its array members. Additionally, the variable `adev->pm.dpm.num ps` is not updated until the member allocation is successfully finished, potentially leading to use after free or uninitialized variable access in `si dpm fini()`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.